  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

Become a job-ready Cybersecurity Governance, Risk, and Compliance (GRC) professional in just 16 weeks! This 16-week training program is designed to give participants a comprehensive understanding of GRC concepts and practices, and to equip them with the skills and knowledge to effectively manage governance, risk, and compliance within their organizations. Through a combination of lectures, case studies, and practical exercises, participants will learn how to identify, assess, and manage risks; develop and implement effective compliance programs; and establish and maintain effective governance frameworks. In addition, participants will gain the skills needed to examine and audit current policies, procedures, standards, and processes to support more risk-aware decisions across organizations.

Learning Objectives

You will learn how to manage, lead, or support periodic information risk assessments and audits to ensure that information systems are adequately protected. You will be able to lead or support the implementation of compliance programs, such as ISO 27001, SOC2 Type 2, and PCI-DSS, and lead internal organizational audits to strengthen internal controls and improve business processes. You will also be able to track and maintain Risk Register/Action Plans for the resolution of issues identified during assessments and audits. The training will enable you to develop or support the development/review of organizational policies, standards, and procedures; document, maintain, and analyze compliance with IT controls, standards, procedures, and policies; and coordinate with internal/external auditors to prepare control owners, review, and collect required evidence as needed to meet compliance requirements. Moreover, you will learn to develop metrics/reporting for senior management to track compliance; identify the importance and functions of Cybersecurity Third Party Risk Management Compliance and Governance, Risk Management, and Compliance in Cybersecurity program management; and describe the structure and content of Cybersecurity-related strategy, plans, and planning.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Test and Evaluation
  • Vulnerability Assessment and Management
  • Risk Management
  • Systems Development

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.